Wednesday, February 8, 2012

New "UPS Notification" Spam Making Rounds

UPS LogoDid you recently ship a package via UPS?

Spammers are placing their bets that you have and that you won’t think twice before following the instructions within the email, ultimately pave the way for malware to make its way onto your PC.

The spam emails come from a spoofed “United Parcel Service” email address ( and claim that your package was rejected at the place of delivery.

Like the malicious FedEx spam campaign we saw last year, the email totes an alleged “delivery sticker” – or, in the FedEx spam case, a “shipment label” – that’s in the “UPS” file attached to the email. Your job is to download it, open it and present it to your local UPS office.

Bear in mind, folks, that’s no delivery sticker. It’s malware.

Here’s the email:

UPS Notification Spam

Subject: UPS notification
From: United Parcel Service (

Dear Customer,

This is a follow-up on your package delivery (tracking number 0p2uYq5RIho). The package contained in the above-mentioned shipment was not accepted at the destination address. Please contact your local UPS office and produce the printed delivery sticker, included in this email attachment.

Please note that in case of a failure to contact your local UPS office within 21 days the parcel will be returned to sender.

Happy to serve you,

This is automatically generated delivery status email, please do to reply to it.

Fortunately, the spammers behind this email didn’t do a very good job addressing the bogus UPS notification email to their mailing list of victim. The fact that this email is a fake becomes rather obvious once you look at the unfamiliar email address listed in the ‘To’ field, along with the 21 additional email addresses that are copied on it!

If you receive this email – or one similar to it – it would be in the best interest of your computer’s health not to open it. Instead, hit the ‘delete’ button and go about your day.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment